Lynnesbian/update-gitea.sh

## update-gitea.sh
#!/usr/bin/env bash

# check to make sure everything we need is installed
dependencies=(curl jq xz gpg sha256sum)
for dep in "${dependencies[@]}"; do
	if ! which $dep &> /dev/null; then
		echo "This script requires $dep to be installed and available on your PATH."
		exit 1
	fi
done

if ! which systemctl &> /dev/null; then
	echo "This script uses systemctl to start and stop the gitea service, and does not support other init systems."
	exit 1
fi

j=`curl --silent "https://api.github.com/repos/go-gitea/gitea/releases/latest"`
# j=`cat out.json`
version=`echo "$j" | jq -r .tag_name`
if [[ $1 == '-s' ]]; then
	echo "Updating gitea to $version..."
else
	echo "Gitea will be updated to $version. Press enter to continue."
	read
fi

echo "Changelog:"
echo "$j" | jq -r '.body'
# get a list of assets (downloads) for linux-amd64 from the release info
assets=`echo "$j" | jq -r '.assets[] | select (.name | contains("linux-amd64.xz")) | .url'`
urls=()

# get the actual downloadable URL for each asset
echo "Getting asset URLs..."
while read line; do
	response=`curl --silent "$line"`
	url=`echo "$response" | jq -r ".browser_download_url"`
	urls+=("$url")
done <<<`echo "$assets"`

# rename files to make things easier
for url in "${urls[@]}"; do
	out='gitea.xz'
	case "$url" in
		*.sha256)
			out+='.sha256'
		;;
		*.asc)
			out+='.asc'
		;;
		*.xz)
			true
		;;
		*)
			# bad extension
			echo "I don't know how to handle $url!"
			exit 1
		;;
	esac
	echo "Downloading $url..."
	curl -o "$out" -LC - "$url"
done

# update the sha256 file to reflect the changed filename
sed -Ei 's/  .*/  gitea.xz/' gitea.xz.sha256

# check sha256
echo "Verifying checksum..."
if ! sha256sum -c gitea.xz.sha256  &> /dev/null; then
	echo "SHA256 validation failed!"
	exit 1
fi

# import gitea's public key for signed builds, but only if it hasn't already been imported
# TODO: the key is currently hardcoded, which will be an issue if gitea changes their key
echo "Verifying PGP signature..."
key="7C9E68152594688862D62AF62D9AE806EC1592E2"
if ! gpg --list-key $key  &> /dev/null; then
	gpg --keyserver pgp.mit.edu --recv $key
fi

# check signature
if ! gpg --verify gitea.xz.asc gitea.xz  &> /dev/null; then
	echo "PGP verification failed!"
	exit 1
fi

echo "Extracting gitea.xz..."
xz -d --stdout gitea.xz > gitea-new

echo "Stopping gitea service..."
systemctl stop gitea

echo "Replacing files and cleaning up..."
mv gitea gitea-old
mv gitea-new gitea
rm gitea.xz.sha256
rm gitea.xz.asc
rm gitea.xz

echo "Setting permissions..."
chown git gitea
chmod +x gitea

echo "Starting gitea..."
systemctl start gitea

echo "Done."
	#!/usr/bin/env bash

	# check to make sure everything we need is installed
	dependencies=(curl jq xz gpg sha256sum)
	for dep in "${dependencies[@]}"; do
	if ! which $dep &> /dev/null; then
	echo "This script requires $dep to be installed and available on your PATH."
	exit 1
	fi
	done

	if ! which systemctl &> /dev/null; then
	echo "This script uses systemctl to start and stop the gitea service, and does not support other init systems."
	exit 1
	fi

	j=`curl --silent "https://api.github.com/repos/go-gitea/gitea/releases/latest"`
	# j=`cat out.json`
	version=`echo "$j" \| jq -r .tag_name`
	if [[ $1 == '-s' ]]; then
	echo "Updating gitea to $version..."
	else
	echo "Gitea will be updated to $version. Press enter to continue."
	read
	fi

	echo "Changelog:"
	echo "$j" \| jq -r '.body'
	# get a list of assets (downloads) for linux-amd64 from the release info
	assets=`echo "$j" \| jq -r '.assets[] \| select (.name \| contains("linux-amd64.xz")) \| .url'`
	urls=()

	# get the actual downloadable URL for each asset
	echo "Getting asset URLs..."
	while read line; do
	response=`curl --silent "$line"`
	url=`echo "$response" \| jq -r ".browser_download_url"`
	urls+=("$url")
	done <<<`echo "$assets"`

	# rename files to make things easier
	for url in "${urls[@]}"; do
	out='gitea.xz'
	case "$url" in
	*.sha256)
	out+='.sha256'
	;;
	*.asc)
	out+='.asc'
	;;
	*.xz)
	true
	;;
	*)
	# bad extension
	echo "I don't know how to handle $url!"
	exit 1
	;;
	esac
	echo "Downloading $url..."
	curl -o "$out" -LC - "$url"
	done

	# update the sha256 file to reflect the changed filename
	sed -Ei 's/ .*/ gitea.xz/' gitea.xz.sha256

	# check sha256
	echo "Verifying checksum..."
	if ! sha256sum -c gitea.xz.sha256 &> /dev/null; then
	echo "SHA256 validation failed!"
	exit 1
	fi

	# import gitea's public key for signed builds, but only if it hasn't already been imported
	# TODO: the key is currently hardcoded, which will be an issue if gitea changes their key
	echo "Verifying PGP signature..."
	key="7C9E68152594688862D62AF62D9AE806EC1592E2"
	if ! gpg --list-key $key &> /dev/null; then
	gpg --keyserver pgp.mit.edu --recv $key
	fi

	# check signature
	if ! gpg --verify gitea.xz.asc gitea.xz &> /dev/null; then
	echo "PGP verification failed!"
	exit 1
	fi

	echo "Extracting gitea.xz..."
	xz -d --stdout gitea.xz > gitea-new

	echo "Stopping gitea service..."
	systemctl stop gitea

	echo "Replacing files and cleaning up..."
	mv gitea gitea-old
	mv gitea-new gitea
	rm gitea.xz.sha256
	rm gitea.xz.asc
	rm gitea.xz

	echo "Setting permissions..."
	chown git gitea
	chmod +x gitea

	echo "Starting gitea..."
	systemctl start gitea

	echo "Done."